S100 User Guide
Chapter 1
SyncServer S100 User Guide
Installation, Configuration, and Operation
for the SyncServer S100 - OS Version 1.3
Part #: S100 User Guide, Rev. D, June 2005
1
2 S100 User Guide – Rev. D – June 2005
Table of Contents
Chapter 1
Introduction and Overview 1
1
Conventions Used 2
Product Details 3
Time Standards 3
Global Positioning System (GPS) 3
Stratum Levels 4
Time Synchronization and Business 4
How the S100 Solves the Problem 5
National Measurement Institutes 5
Special Safety Instructions 6
Lithium Battery Disposal Instructions 6
Electrical Safety Instructions 6
Chapter 2
S100 Technology 7
Overview 7
S100 Product Overview 7
Sources of Time 7
On the Network 7
Web-based Access 8
Time Distribution Model 9
How the S100 Works 9
S100 and Time Distribution 10
S100 and Client Software 10
S100 and NTP v4’s Security Features 10
S100 and the Global Positioning System 11
2
3
5
Chapter 3
Installation and Configuration 13
Overview 13
Getting Up and Running 13
Unpacking Your S100 13
S100 User Guide – Rev. D – June 2005 i
1
SyncServer S100
Your CD-ROM 15
Using the Software 16
PuTTY Folder Details 16
PUTTY.EXE 16
PSCP.EXE 16
PSFTP.EXE 17
PLINK.EXE 17
PAGEANT.EXE 17
PUTTYGEN.EXE 18
Installing Your S100 19
Rack Mounting 19
Primary Power Connection 19
Important Safety Instructions! 19
Making All Connections: An Overview 20
Setting Up the Hardware 21
On the S100 Front Panel 21
On the S100 Rear Panel 22
Installing the GPS Antenna 23
Choosing an Antenna Location 23
Installing the GPS antenna 24
Connecting the Rubidium Option 24
Establishing A Serial Connection 24
Setting Up the IP Address 26
Testing Network Functionality 28
Turning Off Your S100 29
How to Acquire Time 30
Logging On 30
Administrator Log-In 31
Next Step 32
The Configuration Wizard 32
Choose Your Time Source 33
GPS 35
NTP 42
Configuring NTP 45
IRIG-B (v.120,122,123) 45
Using SymmTime™ 49
Installing SymmTime 49
To Synchronize SymmTime: 51
Next: Use the Web-Based Interface 51
Chapter 4
The Web-Based Interface 53
Overview 53
Interface: Screen Reference 53
ii S100 User Guide – Rev. D – June 2005
Logging In 54
Administrative Interface 54
Admin Interface: Base Menu 55
Administrative Menu: Expanded 56
System Status 57
Timing Configuration 57
NTP Relationships 58
NTP Time Source Test 60
NTP Dialup 60
NTP Restart 61
NTP Status 61
Advanced: ntp.conf 63
Advanced: Keys/Certificates 64
Timing Engine 65
Main Settings 65
Timecode Settings 66
GPS Information 67
GPS Health 67
GPS Signal Strength 68
GPS Time 69
GPS Position 69
Other Information 70
Engine Time 70
Clock Settings 70
Control Settings 71
Model Information 72
Networking 72
TCP/IP 72
ifconfig Output 74
Ping 74
Traceroute 75
Administration 76
Shutdown/Reboot 76
Admin Users 77
Restart Web Interface 77
Time Zone 78
System Log Configuration 78
SNMP Configuration 79
SNMP Edit 79
Alarms 80
Configuration Wizard 80
Logs 81
NTP Log 81
Boot Log 82
System Log 82
Config Log 83
HTTP Log 83
Help 84
1
2
3
5
S100 User Guide – Rev. D – June 2005 iii
1
SyncServer S100
SyncServer Help 84
NTPD Help 84
Search NTPD Manual 84
Logging Off 85
Chapter 5
Operations & Time-Protocols 87
S100: Operations and Time Protocols 87
Sysplex Timer 87
Time Protocol (RFC 868) 89
Daytime Protocol (RFC 867) 89
Simple Network Time Protocol (RFC 2030) 90
Network Time Protocol (RFC 1305) 90
NTP Authentication 93
Authentication: NTP v3 93
Authentication: NTP v4 Autokey 94
Public Domain NTP Package 94
Typical NTP Configuration Considerations 94
Other NTP Considerations 95
Clients 95
Basic NTP Configuration 96
Peers 103
Security 103
ACTS Interface: Dial-up 103
ACTS Operation 104
SNMP (Simple Network Management Protocol) 104
Version 1 105
Version 3 106
Chapter 6
Frequently Asked Questions 109
Questions 109
How can we obtain NTP client software to use with the S100? 109
What are the main differences between SNTP and NTP clients? 109
Is there a way to get GPS time instead of UTC time from the S100? 109
What outputs are available on the S100? 109
How does the S100 handle Leap Second? 110
What signal strengths are required by the S100 receiver to start tracking? 110
How do I check versions of the software in the S100? 110
What is the maximum number of computers that can be networked to the
S100? 110
iv S100 User Guide – Rev. D – June 2005
How many satellites are necessary for me to operate the S100? 111
How do I know if the satellite signal strength is good? 111
What is the maximum antenna cable length for use with the S100? 111
What are the available antenna cable lengths and antenna requirements? 111
What are some guidelines for correctly cutting the cable, using splitters , and
using cable connectors? 111
How many NTP requests can be processed by the S100 each second? 112
Does the S100 support NTP v4? 112
Can the S100 utilize a certificate from an external CA? 112
How is the interface to the S100 secured? 112
What security functions are provided with the S100? 112
Does the S100 support any functions to restrict user access to NTP service? Can
the S100 set up clients' IP address to be connected? 112
What is the bandwidth utilization (TCP/IP) each time an NTP client gets a time
update from the NTP server? 112
Is NTP v4 compatible with Network Address Translation (NAT) gateways? 113
How does the S100 clock behave when a leap second is introduced? 113
How-to’s and Tips 113
How to install NTP v4 on a UNIX system 114
How to configure an NTP v4 client to connect to an NTP v4 server with the
autokey scheme 114
How to verify NTP v4 autokey client connectivity with an NTP v4 server 114
How to install your S100 114
How to get time using dial-up 114
How to get time using GPS 114
How to install your GPS antenna 115
How to acquire and install SymmTime™ 115
Use the quick “How to” guide 115
How to change the root password 115
How to get information about NTP 116
Solutions 116
The S100 does not respond to ping command 116
The S100 does not respond to NTP queries 116
I cannot establish a serial connection with the S100 116
My S100 won’t track satellites 117
2
3
5
1
Appendix A
S100 Specifications 119
S100 Data Sheet Specifications 119
Pin Descriptions 120
S100 User Guide – Rev. D – June 2005 v
Appendix B
SyncServer S100
1
Time Glossary 121
Appendix D
Customer Assistance 137
US Assistance Center 137
Customer Service 137
Technical Support 137
EMEA Assistance Center 137
Customer Service 138
Technical Support 138
Appendix C
Appendix E
Antenna Replacement 141
Index 143
vi S100 User Guide – Rev. D – June 2005
Chapter 1
Introduction and Overview
The S100 provides computers and network devices secure synchronization to UTC time
using Network Time Protocol (NTP). The S100 can use the Global Positioning System
(GPS), NIST's Automated Computer Time Service (ACTS), or another NTP server as a time
reference.
Figure 1-1: The S100
1
2
3
This User Guide describes the installation and opera tion of the S100. It is written for network
administrators familiar with network configuration and operations.
The chapters and appendices address topics including:
• Installation, configuration, and operation
• The User Interface
• How the S100 works
• FAQ and Solutions
Here are shortcuts to those sections that answer frequently-asked “how to” or “How do I...?”
questions.
How to... Go here for the answer
Acquire time
Choose and configure your time source
Determine the default User Name and
Password
Get Technical Support
Get time from ACTS dial-up
Get time from GPS
“How to Acquire Time” on page 30
“Choose Your Time Source” on
page 33
“Setting Up the IP Address” on
page 26
“Appendix D” on page 137
“Dialup Settings dialog” on page 38
“GPS” on page 35
5
S100 User Guide – Rev. D – June 2005 1
How to... Go here for the answer
SyncServer S100
1
Install the GPS antenna
Install my S100
Install SymmTime
Learn how the S100 works
Establish an IP address and other settings
Set up the optimal operating environment for
my S100
Set up all hardware connections
Synchronize SymmTime
Test for NTP functionality
Use the web-based interface
“Installing the GPS Antenna” on
page 23
“Installing Your S100” on page 19
“Installing SymmTime” on page 49
“How the S100 Works” on page 9
“Setting Up the IP Address” on
page 26
“S100 Specifications” on page 119
“Making All Connections: An
Overview” on page 20
“To Synchronize SymmTime:” on
page 51
“Testing Network Functionality” on
page 28
“The Web-Based Interface” on page 53
Conventions Used
The most common conventions used here are:
Table 1: Type Conventions
Term Definition
Bold Boldface type is used for menu and
Courier The Courier typeface is used to
command names; field, tab, and button
labels; and special terms.
designate file names, folder names,
code, and URLs.
The warning symbol alerts the user to
information that if improperly used could
be harmful to people, equipment, or
data.
2 S100 User Guide – Rev. D – June 2005
Product Details
Details about the physical description and operating environment of the S100 are found in
Appendix A, “S100 Specifications” on page 119
Details about S100 operations are in “The Web-Based Interface” on page 53
“Chapter 3” on page 13
Time Standards
The international time standard is called Coordinated Universal Time or, more commonly,
UTC. This standard was agreed upon in 1972 by worldwide representatives within the
International Telecommunications Union; today, the Internet Engineering Task Force (IETF)
sets standards based on the 1972 work. Today UTC is coordinated by the world’s
International Bureau of Weights and Measures, or BIPM. (The designations “UTC” and
“BIPM” were chosen as a compromise among all the countries’ abbreviations for the terms.)
The global availability and precision of UTC time makes it the ideal source of time for Time.
The S100 uses UTC as its time standard.
1
of this User Guide.
, as well as
, and “Operations & Time-Protocols” on page 87.
2
3
Global Positioning System (GPS)
The U.S. Department of Defense Global Positioning System (GPS) is a constellation of
approximately 29 satellites that orbit Earth twice a day. Their orbits are inclined 56 degrees to
the equator . The GPS satellites signals are used by a GPS receiver to precisely determine its
own position and time.
The orbits of these satellites and the offset (relative to international standard time, UTC) of
their on-board Cesium atomic clocks is precisely tracked by the U.S. Air Force control
network. Position and time correction information is uplinked from the ground control stations
and maintained in the satellites in what are termed ephemeris tables, or tables of data that
describe the satellite’s position when compared to specified coordinates. Each satellite
transmission reports the satellite’s current position, GPS time, and the offset of the satellite’s
clock relative to UTC, international standard time.
The “S100 GPS” model uses GPS to obtain time. (The “S100 ACTS” model obtains time by
dialing NIST's Automated Computer Time Service (ACTS).)
5
S100 User Guide – Rev. D – June 2005 3
Stratum Levels
SyncServer S100
1
The Internet Engineering Task Force (IETF) established standards for Network Time Protocol
(NTP) in IETF RFC 1305. These hold that the source of time for each server is defined by a
number called its stratum. The highest level is 0; Stratum 0 devices, such as GPS or radio
clocks, are connected to a primary time reference, such as the national atomic clock. Each
level “away” from this primary time reference adds on another number. The Stratum of a
primary server, which gets its time from the GPS system, for example, is assigned as 1.
Devices that get their time from a Stratum 1 primary server through NTP are Stratum 2,
Stratum 3, and so forth. A Stratum 2 or 3 server simultaneously acts as a client, deriving its
time from an NTP process with a Stratum 1 (or 2) Server, and acts as a server for clients
further down the hierarchy.
Here is a summary:
Table Intro-1: Stratum Levels: Summary
Stratum Level Significance
Stratum 0 Connected to a primary time reference, this device—usually a GPS or
radio clock—is synchronized to national standard time.
Stratum 1 A Stratum 1 time server deri ves time from a Stratum 0 time source
Stratum 2...n A Stratum 2 ( and so on) device de rives its tim e from a Stratum 1 server,
or other Stratum 2...n device from NTP.
Obviously, the further away a network is from the primary source, the higher the possibility of
time degradation because of variations in communication paths and the stability of the local
clock.
The S100 can be a Stratum 1 device, as well as Stratum 2 or 3.
Time Synchronization and Business
Reliable time synchronization is essential for doing business today.
Ensuring that all components of a network are synchronized to the global UTC time st andar d
is critical for accurate time stamps, operational logs, and secu rity applications. Many complex
data processing tasks are dependent upon precise event sequences and accurate time
stamping of events.
Not using a dedicated time server can give rise to the following problems:
• Security risks: Users who retrieve time from an outside source, such as the Internet, are
going outside your firewall.
4 S100 User Guide – Rev. D – June 2005
• Bandwidth consumption: Synchronizing the time over a WAN (wide area network)
consumes expensive bandwidth and degrades time accuracy (versus synchronizing
over a LAN).
• Lost time: If your network synchronization relies on a time reference outside your
network, your network can be seriously compromised if the one connection to that
outside time reference is lost.
1
How the S100 Solves the Problem
The S100 provides your network with a single unbiased time reference based on one or more
external time references. Should all external time references become unavailable, the S100
uses its own high-performance crystal oscillator to keep time.
The S100, using its internal GPS receiver , operat es as a Stratum 1 time server, with accuracy
to the nearest microsecond relative to UTC as maintained by the U.S. Naval Observatory,
one of the National Measurement Institutes
Time is distributed using the Network Time Protocol (NTP), and between multiple sites. The
result is that with the S100, network users can get time from within your firewall.
Full specifications are found in “S100 Specifications” on page 119
National Measurement Institutes
The S100 synchronizes to UTC. This time standard is maintained by the International Bureau
of Weights and Measures (BIPM). By international agreement, each country’s National
Measurement Institute (NMI) maintains audit records of their synchronization with BIPM UTC,
thus providing verifiable sources of UTC within their countries. NMI clocks are disciplined to
be within nanoseconds of UTC time.
2
3
(NMIs) in the U.S.
.
5
Country Name of NMI Abbreviation
United States National Institute of St andards and Technology NIST
France Laboratoire Primaire du Temps et des Fréquences LPTF
United Kingdom National Physical Laboratory NPL
Japan Communications Research Laboratory CRL
S100 User Guide – Rev. D – June 2005 5
1
SyncServer S100
Special Safety Instructions
Lithium Battery Disposal Instructions
Caution: Replace lithium battery only with one of the same
type and ratings. Dispose of the battery in accordance with all
local codes. Contact your local environmental control or disposal agency for details.
Electrical Safety Instructions
Caution: Do not install the modem (phone) cord during an
electrical storm.
Note: minimum 26AWG phone cord is recommended
for added safety.
Note: A minimum 26AWG phone cord is recommended
for added safety.
Note: POWER CORD SELECTION: If your unit is not
provided with a power cord-set, purchase only a Certified cord-set suitable for your location (voltage source)
with a minimum 6A current rating.
6 S100 User Guide – Rev. D – June 2005
Chapter 2
S100 Technology
Overview
This chapter gives a review of the S100 technology.
There is additional information in “S100 Specifications” on page 119
1
2
3
.
S100 Product Overview
The S100 network time server synchronizes secure network time. The following sections
describe this technology.
5
Sources of Time
The S100 obtains time from GPS, ACTS, or another S100, and delivers it to computers and
other devices on a network. It acquires UTC (Universal Coordina ted T ime) from GPS signals,
or using ACTS dial-up to the National Institute of Standards and Technology (in the U.S.). If
there are several S100s on your network, only a few S100s need acquire UTC directly. They
can then distribute that time to other S100s.
On the Network
Clients on a network synchronize with a time source using NTP, the Network Time Protocol,
to exchange packets of time. The S100 implements NTP Version 4. This prevents intruders
from spoofing time packets and using NTP to gain access to your systems. Unlike previous
versions, NTP Version 4 implement s asymmetric encryption. This is the same technique used
S100 User Guide – Rev. D – June 2005 7
SyncServer S100
by secure web sites to protect credit card numbers and other sensitive information from
unintended interception.
1
The S100 also supports SNMP v1.8 and SNMP v3 (Simple Network Management Protocol)
for easy integration into your existing management hierarchy.
Web-based Access
The S100 management is web-based. Using a standard browser, you can set up and
configure an S100 from any point on the Internet.
See Chapter 3 for more about this web access.
There is a detailed section about this web-based interface in Chapter 4, “The Web-Based
Interface” on page 53.
8 S100 User Guide – Rev. D – June 2005
Time Distribution Model
Network time distribution systems use a hierarchical time distribution model, as shown in this
figure:
GPS
Satellites or
NMI Dial-Up
Stratum 0
Stratum 1
Service
Symmetricom
SyncServer
2
3
SyncServers
or Computer
Systems
(NTP Clients)
Stratum 2
1
Computer
Systems
(NTP
Stratum 3
In hierarchical systems, primary time source clocks are Stratum 0 (zero), including GPS
satellites, National Institute of Standards and Technology (NIST) ACTS dial-up service, or
similar national time standards organizations.
The S100 acts as a Stratum 1 time server that derives its time from GPS and distributes this
time over a TCP/IP network using NTP. Strat um 2 NTP clients can distribut e time to S tratum 3
computers.
Clients)
Figure 2-1: The S100 in the Time Distribution Hierarchy
How the S100 Works
The following describes how the S100 acquires and secures time.
5
S100 User Guide – Rev. D – June 2005 9
1
More details are found in “Chapter 3” on page 13 and “The Web-Based Interface” on
page 53.
S100 and Time Distribution
Time is distributed over an IP network using Network Time Protocol (NTP), Simple Network
Time Protocol (SNTP), Time Protocol, and Daytime Protocol over TCP/IP.
S100s can be distributed throughout a LAN or intranet. Also, a single GPS antenna is all that
is required to acquire UTC time for an array of S100s, making the network less vulnerable to
damage or attack. (Note: The GPS antenna described in this manual has been replaced as
described in “Appendix E” on page 141
Once the S100 is locked with its time source, it will continuously provide time even if the
timing signal is lost. If the GPS time signal is lost, the NTP message returned by the S100 will
indicate—from the Reference Timesta mp—when it last obtained time updates from the timing
signal.
The S100 maintains the year value as a four-digit number . The S100 maintains time as binary
seconds and has no problem with leap-years and the introduction of leap seconds.
SyncServer S100
.)
S100 and Client Software
Install NTP client software on the client machines in order to synchronize those clients with
S100’s NTP server.
Obtain the SymmTime™ NTP client for Windows at
symmtime.asp.
Details about installing SymmTime are found in “Installing SymmTime” on page 49.
Unix/Linux clients can be synchronized using the public domain NTP daemon or equivalent
NTP client software. If an NTP daemon is not available for your system, you can obtain a
copy of RFC 1305 or 2030 from the Network Information Center (NIC) at
www.ietf.org/rfc/rfc1305.txt, in order to implement an NTP daemon for your system.
S100 and NTP v4’s Security Features
NTP is the de facto standard of communicating time in IP network environments. Developed
at the University of Delaware in the United States, NTP is public domain software. It can
provide time without opening the NTP port and exposing the firewall to possible intrusion. The
S100 supports NTP v4 (Secure NTP), and can support NTP v2 and v3, as well.
The S100 generates keys, which take the form of a file composed of random numerical
sequences. These key files are recognized by the cryptographic authentication components
of NTP. These keys are symmetric, or private (in NTP v3 and v4), and asymmetric or public or
Autokey (NTP v4); Autokey protocol, therefore, can recognize the key files as well. The
contents of the key files include the public/private key pair, a certificate request, a certificate,
and Diffie-Hellman parameters.
http://www.ntp-systems.com/
http://
10 S100 User Guide – Rev. D – June 2005
Digitally signed public certificates are required by the Autokey protocol. (See the interface at
“Advanced: Keys/Certificates” on page 64
request (X.509) to a trusted Certificate Authority (CA). The CA can be an outside trust
authority, such as VeriSign, or the device can certify itself. The S100 itself is “self-signed”, or
shipped to you with an authenticated certificate. The S100 CA digitally signs (authenticates)
the request and sends it back, along with the certificate, to the person requesting it.
More details of the NTP protocol and synchronization techniques can be found in the Help file
included with the interface, or at:
•
http://www.ntp.org
http://www.ietf.org/rfc/rfc1305.txt
•
S100 and the Global Positioning System
The Global Positioning System (GPS) receiver in the S100 tracks GPS satellites as they pass
overhead and determines the range of the satellite in relation to its antenna. The GPS
receiver uses the following four properties of the satellite to determine its own position and
derive the time:
• x, or latitude
• y, or longitude
• z, or altitude
• t, or time
.) All of this data goes into your certificate
1
2
3
However, once the GPS receiver has calculated its position, only one satellite is needed to
solve for time (t). This is because the receiver has tracked at least four satellites and has
positioned itself. GPS time is expressed as the number of weeks since midnight, January 6,
1980 (GPS Week) and the number of seconds in the week. These two values are transmitted
as binary integers from the satellites and converted into conventional date or day (UTC T ime)
by the GPS receiver.
5
S100 User Guide – Rev. D – June 2005 11
1
SyncServer S100
12 S100 User Guide – Rev. D – June 2005
Chapter 3
Installation and Configuration
Overview
Installation, setup, and getting started with the S100 are reviewed in this section.
Symmetricom recommends you review
beginning your installation so that you are already familiar with the references to the interface
once you begin to use it.
Getting Up and Running
This chapter guides you through the following basic steps:
1. Set up the hardware and make all connections (
phone line).
2. Using the serial cable, establish the S100’s IP address.
3. Test for network functionality (ping).
4. Using the web-based interface, choose and configure the time source.
2
before
3
Optional: Install GPS antenna, connect
5
Unpacking Your S100
Unpack and inspect each item in the box. If there is any damage, or any items are missing,
please contact Symmetricom Customer Assistance (see “Appendix D” on page 137
Note: The GPS and bullet antennas and antenna cables described in this manual have been
replaced as described in
The following items should be included:
For the S100-Dial-up/ACTS For the S100-GPS
S100 S100
A/C Power Cord with US-style wall plug A/C Power Cord with US-style wall plug
S100 User Guide – Rev. D – June 2005 13
.
).
For the S100-Dial-up/ACTS For the S100-GPS
SyncServer S100
CD with NTP Clients, SymmTime™ software,
User Guide PDF
Six-foot RS-232 Cable Six-foot RS-232 Cable
Phone cord Phone cord
D-BNC Signal Breakout Cable BC11576-1000 D-BNC Signal Breakout Cable BC11576-1000
CD with NTP Clients, SymmTime™ software,
User Guide PDF
Bullet Antenna
Antenna Mast - aluminium mast threaded to
screw into the bottom of antenna
Mounting Bracket Hardware - for attaching
mast to railing
50-foot RG58 (Belden 8240 or equivalent)
cable
14 S100 User Guide – Rev. D – June 2005
SyncServer
S100
2
RS -232 Cable
Bullet
Antenna
Figure 3-1: S100 and Accessories
Phone Cord
D-BNC Signal
Breakout C able
For GPS option:
Antenna Cable
CD with
NTP Clients,
SymmTime,
User G uide
Antenna Mast and
Brackets
AC Power
Cord
3
5
Your CD-ROM
The CD does not autoload when inserted into the CD-ROM drive. Use the file browser to view
the contents of the CD. The CD contains: SymmTime, PuTTY, and TermPro23. PuTTY and
TermPro23 are shareware.
• SymmTime synchronizes a Windows-based PC’s clock with the time from an S100 unit
or other NTP server. When executed, a small pop-up containing four clocks appears.
Once installed, visit
downloads.
S100 User Guide – Rev. D – June 2005 15
http://www.ntp-systems.com/symmtime.asp for the latest file
• TermPro23.exe is used to install Tera Term terminal emulation software, if desired. The
manual refers to using Hyperterminal. Either will work (as well as any others). This
version supports Win 95, NT 3.51 and 4.0.
• PuTTY is described below.
Using the Software
None of the files in the PuTTY folder must be installed. They are provided in case you re quire
them and do not have them. The SymmTime (click SymmTime200x.exe to launch) file must
be used for synchronization. The TTermPro23 is also optional.
PuTTY Folder Details
PuTTY contains the following optional executable files:
• pageant.exe (Secure Shell [SSH] authentication agent for PuTTY, PSCP, and Plink)
• plink.exe (a command line interface to PuTTY back end)
• pscp.exe (SCP client using command line secure file copy)
SyncServer S100
• psftp.exe (SFTP client for general file transfer session similar to FTP)
• putty.exe (a Telnet and SSH client)
• puttygen.exe (RSA key generation utility)
PUTTY.EXE
is a secure shell client utility that allows you to log into a multi-user computer from another
computer over the network.
The file, Putty.exe, only runs on full Win32 systems (Windows 95, 98, ME, NT, 2000, XP, not
CE).
Most of its data (saved sessions, SSH host keys) is in the Registry at:
WARNING!
Using PuTTY, PSCP, PSFTP, Plink is illegal in
countries where encryption is forbidden. See
http://rechten.kub.nl/koops/cryptolaw/clssum.htm
HKEY_CURRENT_USER\Software\SimonTatham\PuTTY
PSCP.EXE
is a Secure Copy client and a tool for transferring files securely between computers using an
SSH connection. PSCP.EXE is a command line application only. It uses the Windows MS-
16 S100 User Guide – Rev. D – June 2005
DOS Prompt (in 95, 98, ME) or the Command Prompt (in NT, 2000). This is available from the
Programs section of your Start Menu.
To start PSCP, add the directory containing PSCP to your PATH environment variable, enter
the following in the console window:
This will only work for the lifetime of that particular console window. To set your PATH more
permanently on Windows NT, use the Environment tab of the System Control Panel. On
Windows 95, 98, and ME, you will need to edit your AUTOEXEC.BAT to include a set
command like the one above.
Further, PSCP.EXE is a command line application, not a GUI application. If you run it without
arguments, it will simply print a help message and terminate. It runs on every SSH server.
PSCP is designed to do a single file transfer operation and immediately terminate.
PSFTP.EXE
is a tool for transferring files securely between computers using an SSH connection.
PSFTP differs from PSCP in the following ways:
• PSFTP uses the new SFTP protocol, which is a feature of SSH 2 only (PSCP will also
• PSFTP allows you to run an interactive file transfer session, much like the Windows FTP
set PATH=C:\path\to\putty\directory;%PATH%
2
3
use this protocol if it can, but there is an SSH 1 equivalent it can fall back to if it canno t).
program.
Y ou can list the contents of directories, browse around the file system, issue multiple get and
put commands, and eventually log out.
PLINK.EXE
is a command line connection tool similar to UNIX SSH. It is mostly used for automated
operations, such as making CVS access a repository on a remote server. Do not use Plink if
you want to run an interactive session in a console window. Plink is a command line
application in the same manner as PSCP.
PAGE AN T.E XE
is for public-key authentication and allows open multiple SSH sessions without having to type
a pass phrase every time. It provides you with the security benefit of never storing a
decrypted private key on disk. Holding your decrypted private keys in Pageant is better than
storing them in disk files. The drawbacks are:
• Windows does not protect pieces of memory from being written to the system swap file. If
Pageant is holding your private keys, it's possible that decrypted private key data may
be written to the system swap file, and an intruder who gained access to your hard disk
might be able to recover that data.
5
S100 User Guide – Rev. D – June 2005 17
• Windows prevents programs from accidentally accessing one another's memory space
and it allows programs to access one another's memory space deliberately (e.g.,
debugging). If a virus, trojan, or other malicious program attaches onto your Windows
system while Pageant is running, it could access the memory of the Pageant process,
extract your decrypted authentication keys, and send them back to its master.
Before you run Pageant, you need to have a private key. Use Puttygen.exe to do this. When
you run Pageant, it will put an icon of a “computer wearing a hat” into the System tray. It will
remain there and do nothing until you load a private key into it.
PUTTYGEN.EXE
is a key generator . It generates pairs of public an d private keys to be used with PuTTY, PSCP,
Plink, as well as the PuTTY authentication agent, Pageant. PuTTYgen generates RSA and
DSA keys. Use it as an alternative means of identifying yourself to a login server, instead of
typing a password.
In conventional password authentication, you prove you are who you claim to be by knowing
the correct password. The only way to prove you know the password is to enter it. If the
server has been compromised, an intruder could learn your password.
SyncServer S100
Public key authentication (Puttygen.exe) solves this problem. You generate a key pair,
consisting of a public key—which everybody is allowed to know, and a private key—
which you keep secret and not give to anyone. The private key is able to generate signatures.
A signature created using your private key cannot be forged by anyone unless they have that
key. Anyone who has your public key can verify that a particular signature is genuine.
So you generate a key pair on your own computer, and you copy the public key to the server.
Then, when the server asks you to prove who you are, Putty.exe can generate a signature
using your private key. The server can verify that signature (since it has your public key) and
allow you to log in.
Note: Keep the packing materials for future use. These materials are custo m design ed to
protect the S100 during storage and shipping. Use them if you need to return the unit to
Symmetricom (for Customer Assistance see
“Appendix D” on page 137).
18 S100 User Guide – Rev. D – June 2005
Installing Your S100
Install the S100 in a physically secure location with strong physical access controls.
Symmetricom recommends that you read the operating environment requirements and other
specifications in “S100 Specifications” on page 119
Rack Mounting
The S100 is designed for mounting in a standard 19-inch (48.26 cm) rack. It is important to
keep the fan inlet and outlet areas clear to maintain air flow. If the unit is installed in a closed
or multi-unit rack assembly, the operating ambient temperature of the rack environment may
become greater than that of the room. Be sure that the ambient temperature is no higher than
50°C/122°F. Make sure the unit is properly balanced and grounded.
, before starting.
WARNING!
To prevent electrical shock or
injury, DO NOT remove the S100
cover.
Dangerous voltages exist within
this enclosure!
2
3
Primary Power Connection
5
The S100 uses external AC power.
The unit has a power cable with a PH-386, IEC 320-C-13 three-conductor female connector
on the computer end of the cable. The other end of the cable has a NEMA 6-15P grounding
plug (US Standard, 15-amp, 125-volt, straight-blade plug).
Important Safety Instructions!
When using your telephone equipment, basic safety precautions should always be followed
to reduce the risk of fire, electric shock and injury to persons. Do not use this product near
water or in a damp location.
Caution: To reduce the risk of fire, use only No. 26 AWG or larger telecommunication line cord.
S100 User Guide – Rev. D – June 2005 19
Making All Connections: An Overview
Use your standard PC workstation to configure the S100.
Refer to the illustrations in this section when you install the S100.
You will need to make a network connection (you may or may not require a hub to do this). It
is suggested you obtain an IP address from your IT dep artment. The Serial cord connect s the
S100 to your computer. Connect the S100 to your network using the network port. Use your
verified IP address in your web browser to reach the S100’s Configuration Wizard online.
SyncServer S100
20 S100 User Guide – Rev. D – June 2005
Setting Up the Hardware
On the S100 Front Panel
Figure 3-2: S100 Front Panel Close-up
2
3
Complete the following steps before turning on the power:
1. Connect the 9-pin serial cable from the PC workstation to the S100 serial port. You are
doing this so to configure the S100 using a PC; see “Establishing A Serial Connection”
on page 24 in the next section.
2. Connect the RJ45-terminated Ethernet cable to one or both network ports on the S1 00.
Note: If only one network connection is required, use the left Ethernet port (eth0). The
two USB ports are not functionable on this S100 release.
outputs UTC only.
Sysplex Timer Port: This port
5
S100 User Guide – Rev. D – June 2005 21
On the S100 Rear Panel
SyncServer S100
Telephone
cable to wall
J 1
DB15
Connector
Telephone cable
to phone
ANT.
GPS
GPS Antenna
Connector
DB9 Connector
(optional)
Power Panel
Figure 3-3: S100 Rear Panel Close-up
Complete the following steps to complete the S100 installation:
1. Connect the power cable to the S100.
GPS Option: Install GPS Ante nna by connecting it to the GPS Antenna connector shown in
2.
Figure 3-3. Connect the Phone cord to a telephone line.
Note: The GPS antenna described in this manual has been replaced as described in
“Appendix E” on page 141
3. If you are not using a Rubidium oscillator, connect the D-BNC Signal Breakout Cable
(BC1 1576-1000) to the DB15 Connector shown in Figure 3-3. If you are using the S100
with an optional Rubidium oscillator , connect the external rubidium cable (furnishe d with
the Rubidium oscillator) from the DB9 Connector to the DB15 connector (see Figure 3-
3).
Note: The D-BNC Signal Breakout Cable BC11576-1000 has five connectors on it. The three
connectors labelled “Time Code Output”, “Time Code Input”, and “1 PPS Output” are
available for use with on the S100. The connectors labelled “Event Input” and “Heartbeat” are
not applicable for use on the S100.
22 S100 User Guide – Rev. D – June 2005
Loading...